2016-07-11 21:38:36 +02:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* EGroupware Api: Mail account credentials tests
|
|
|
|
*
|
|
|
|
* @link http://www.stylite.de
|
|
|
|
* @package api
|
|
|
|
* @subpackage mail
|
|
|
|
* @author Ralf Becker <rb-AT-stylite.de>
|
|
|
|
* @copyright (c) 2016 by Ralf Becker <rb-AT-stylite.de>
|
|
|
|
* @author Stylite AG <info@stylite.de>
|
|
|
|
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
|
|
|
|
* @version $Id$
|
|
|
|
*/
|
|
|
|
|
|
|
|
namespace EGroupware\Api\Mail;
|
|
|
|
|
|
|
|
use EGroupware\Api;
|
2017-08-18 11:45:10 +02:00
|
|
|
use PHPUnit\Framework\TestCase;
|
2016-07-11 21:38:36 +02:00
|
|
|
use ReflectionClass;
|
|
|
|
use EGroupware\Api\Mail\Credentials;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Mail account credentials tests
|
|
|
|
*
|
|
|
|
* Only testing en&decryption of mail passwords so far.
|
|
|
|
* Further tests would need database.
|
|
|
|
*/
|
2017-08-18 11:45:10 +02:00
|
|
|
class CredentialsTest extends TestCase
|
2016-07-11 21:38:36 +02:00
|
|
|
{
|
|
|
|
/**
|
|
|
|
* Test new 16.1 AES password encryption with OpenSSL
|
|
|
|
*/
|
|
|
|
public function testAes()
|
|
|
|
{
|
|
|
|
$mail_password = 'RälfÜber12345678sdddfd';
|
|
|
|
$account_id = $GLOBALS['egw_info']['user']['account_id'] = 1;
|
|
|
|
Api\Cache::setSession('phpgwapi', 'password', base64_encode('HMqUHxzMBjjvXppV'));
|
|
|
|
|
|
|
|
// test encryption with fixed salt
|
|
|
|
$pw_encrypted = 'IaaBeu6LiIa+iFBnHYroXA==4lp30Z4B20OdUYnFrxM3lo4b+bsf5wQITdyM1eMP6PM=';
|
|
|
|
$pw_enc = null;
|
|
|
|
$this->assertEquals($pw_encrypted, self::callProtectedMethod('encrypt_openssl_aes', __NAMESPACE__.'\\Credentials',
|
|
|
|
array($mail_password, $account_id, &$pw_enc, null, base64_decode(substr($pw_encrypted, 0, Credentials::SALT_LEN64)))),
|
|
|
|
'AES encrypt with fixed salt');
|
|
|
|
|
|
|
|
// test encryption&descryption with random salt
|
|
|
|
$pw_encrypted_rs = self::callProtectedMethod('encrypt', __NAMESPACE__.'\\Credentials',
|
|
|
|
array($mail_password, $account_id, &$pw_enc));
|
|
|
|
$row = array(
|
|
|
|
'account_id' => $account_id,
|
|
|
|
'cred_password' => $pw_encrypted_rs,
|
|
|
|
'cred_pw_enc' => $pw_enc,
|
|
|
|
);
|
|
|
|
$this->assertEquals($mail_password, self::callProtectedMethod('decrypt', __NAMESPACE__.'\\Credentials',
|
|
|
|
array($row)), 'AES decrypt with random salt');
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test old 14.x tripledes password encryption with mcrypt (if available) and openssl
|
|
|
|
*/
|
|
|
|
public function testTripledes()
|
|
|
|
{
|
|
|
|
$mail_password = 'RälfÜber12345678sdddfd';
|
|
|
|
$account_id = $GLOBALS['egw_info']['user']['account_id'] = 1;
|
|
|
|
Api\Cache::setSession('phpgwapi', 'password', base64_encode('HMqUHxzMBjjvXppV'));
|
|
|
|
$pw_encrypted = 'Y7QwLIqS6MP61hS8/e4i0wCdtpQP6kZ2';
|
|
|
|
|
|
|
|
// if mycrypt is available check encrypting too
|
|
|
|
if (check_load_extension('mcrypt'))
|
|
|
|
{
|
|
|
|
$pw_enc = null;
|
|
|
|
$this->assertEquals($pw_encrypted, self::callProtectedMethod('encrypt_mcrypt_3des', __NAMESPACE__.'\\Credentials',
|
|
|
|
array($mail_password, $account_id, &$pw_enc)), 'tripledes encryption with mcrypt');
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
$pw_enc = Credentials::USER;
|
|
|
|
}
|
|
|
|
// otherwise only check decrypting with openssl
|
|
|
|
$row = array(
|
|
|
|
'account_id' => $account_id,
|
|
|
|
'cred_password' => $pw_encrypted,
|
|
|
|
'cred_pw_enc' => $pw_enc,
|
|
|
|
);
|
|
|
|
$this->assertEquals($mail_password, self::callProtectedMethod('decrypt', __NAMESPACE__.'\\Credentials',
|
|
|
|
array($row)), 'tripledes decryption with openssl');
|
|
|
|
|
|
|
|
if (check_load_extension('mcrypt'))
|
|
|
|
{
|
|
|
|
$this->assertEquals($mail_password, self::callProtectedMethod('decrypt_mcrypt_3des', __NAMESPACE__.'\\Credentials',
|
|
|
|
array($row)), 'tripledes decryption with mcrypt');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
protected static function callProtectedMethod($name, $classname, $params)
|
|
|
|
{
|
|
|
|
$class = new ReflectionClass($classname);
|
|
|
|
$method = $class->getMethod($name);
|
|
|
|
$method->setAccessible(true);
|
|
|
|
$obj = new $classname();
|
|
|
|
return $method->invokeArgs($obj, $params);
|
|
|
|
}
|
|
|
|
}
|